A FaceTime bug that lets a caller listen to the audio of the recipient before he or she answers the phone will be addressed in an update later in the week, Apple said Monday night.
“We’re aware of this issue and we have identified a fix that will be released in a software update later this week,” CNBC cited an Apple spokesperson as saying.
The bug is believed to affect any devices running iOS 12.1 or later, according to a report by 9to5Mac, which was able to reproduce it. To exploit the big, a caller would have to initiate a call with a iPhone contact and, while the phone is dialing, swipe up from the lower part of the screen and after choosing “Add Person,” add his/her name.
That launches a group FaceTime call in which the recipient’s audio can be heard even if they’ve not accepted the call, the report said.
“While the news of the Apple FaceTime bug is something that is shocking, the industry is getting overly excited as the likelihood of this bug being abused is very low,” said Joseph Carson, chief security scientist at Thycotic.
“People are finally waking up to the fact that technology can allow an attacker to listen to everything you say, use your camera to watch everything you do, and understanding that your iPhone can do this without the user needing to make any changes,” said Carson, noting that “most people are ignoring the risks and assume they will never be a target.”
Still, he cautioned, “the cybersecurity community is getting overly enthusiastic about this flaw, most likely because it coincided with National Privacy Day.”
Until Apple issues an update, users can disable FaceTime by going to Settings and turning off the feature.